Skip to main content
CVE-2023-28252 HIGH POC KEV PATCH THREAT Act Now

Windows Common Log File System Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow Microsoft Heap Overflow Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
7.8
EPSS
49.0%
CVE-2023-28231 HIGH POC PATCH THREAT This Week

DHCP Server Service Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow RCE Heap Overflow Windows Server 2008 Windows Server 2012 +3
NVD
CVSS 3.1
8.8
EPSS
36.9%
CVE-2023-22614 HIGH POC This Week

An issue was discovered in ChipsetSvcSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Insydeh2o
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2023-1976 HIGH POC PATCH This Week

Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.0.6. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Answer
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-28288 HIGH POC PATCH This Week

Microsoft SharePoint Server Spoofing Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

SSRF Microsoft Sharepoint Foundation Sharepoint Server
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
6.2%
CVE-2023-25409 HIGH POC This Week

Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pe8108 Firmware
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2023-28311 HIGH POC PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

RCE Buffer Overflow Microsoft Heap Overflow 365 Apps +2
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
2.7%
CVE-2023-28293 HIGH POC PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Information Disclosure Microsoft Windows 10 1607 Windows 10 1809 +10
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
2.9%
CVE-2023-28285 HIGH POC PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Use After Free RCE Memory Corruption Microsoft 365 Apps +2
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
3.0%
CVE-2023-25413 HIGH POC This Week

Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pe8108 Firmware
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-26964 HIGH POC PATCH This Week

An issue was discovered in hyper v0.13.7. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service H2 Hyper
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-27179 HIGH POC THREAT This Week

GDidees CMS v3.9.1 and lower was discovered to contain an arbitrary file download vulenrability via the filename parameter at /_admin/imgdownload.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload PHP Gdidees Cms
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
60.8%
CVE-2023-26917 HIGH POC This Week

libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Libyang
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2023-27191 HIGH POC This Week

An issue found in DUALSPACE Super Secuirty v.2.3.7 allows an attacker to cause a denial of service via the SharedPreference files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Super Security
NVD GitHub
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-25407 HIGH POC This Week

Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pe8108 Firmware
NVD
CVSS 3.1
7.2
EPSS
0.8%
CVE-2023-1987 HIGH POC This Week

A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Computer And Laptop Store
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.8%
CVE-2023-1986 HIGH POC This Week

A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Computer And Laptop Store
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.8%
CVE-2023-1985 HIGH POC This Week

A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0.php?f=save_brand. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Computer And Laptop Store
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.8%
CVE-2023-28229 HIGH POC KEV PATCH THREAT This Week

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.0). Public exploit code available.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
7.0
EPSS
1.9%
CVE-2023-22613 HIGH This Week

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Insydeh2o
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2023-28297 HIGH PATCH This Week

Windows Remote Procedure Call Service (RPCSS) Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1607 +9
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2023-28275 HIGH PATCH This Week

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +12
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2023-28243 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-28240 HIGH PATCH This Week

Windows Network Load Balancing Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows Server 2008 +4
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-24929 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24928 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24927 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24926 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Buffer Overflow Microsoft Heap Overflow Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24925 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24924 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

RCE Buffer Overflow Information Disclosure Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24887 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Integer Overflow RCE Microsoft Windows 10 1507 Windows 10 1607 +11
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24886 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24885 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption RCE Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-24884 HIGH PATCH This Week

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-22612 HIGH This Week

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Insydeh2o
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2023-21727 HIGH PATCH This Week

Remote Procedure Call Runtime Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Buffer Overflow RCE Heap Overflow Windows 10 1607 Windows 10 1809 +10
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-27995 HIGH This Week

A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Fortinet RCE Ssti Fortisoar
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2023-28062 HIGH This Week

Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Dell Powerprotect Data Manager
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2023-27917 HIGH This Week

OS command injection vulnerability in CONPROSYS IoT Gateway products allows a remote authenticated attacker who can access Network Maintenance page to execute arbitrary OS commands with a root. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Cps Mg341 Adsc1 111 Firmware Cps Mg341 Adsc1 931 Firmware Cps Mg341G Adsc1 111 Firmware Cps Mg341G Adsc1 930 Firmware +15
NVD
CVSS 3.1
8.8
EPSS
1.9%
CVE-2023-26458 HIGH This Week

An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Java Information Disclosure Landscape Management
NVD
CVSS 3.1
8.7
EPSS
0.6%
CVE-2023-22615 HIGH This Week

An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Insydeh2o
NVD
CVSS 3.1
8.4
EPSS
0.2%
CVE-2023-28268 HIGH PATCH This Week

Netlogon RPC Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Windows Server 2008 Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
8.1
EPSS
1.5%
CVE-2023-28244 HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Microsoft Windows Server 2008 Windows Server 2012 Windows Server 2016 +2
NVD
CVSS 3.1
8.1
EPSS
2.9%
CVE-2023-28220 HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
8.1
EPSS
15.0%
CVE-2023-28219 HIGH PATCH This Week

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Windows 10 1507 Windows 10 1607 Windows 10 1809 Windows 10 20H2 +9
NVD
CVSS 3.1
8.1
EPSS
15.0%
CVE-2023-22642 HIGH This Week

An improper certificate validation vulnerability [CWE-295] in FortiAnalyzer and FortiManager 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4.8 through 6.4.10 may allow a remote and unauthenticated. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Fortianalyzer Fortimanager
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2023-24544 HIGH PATCH This Week

Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. Rated high severity (CVSS 8.1), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Bs Gsl2024 Firmware Bs Gsl2016P Firmware Bs Gsl2016 Firmware Bs Gs2008 Firmware +8
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2023-27267 HIGH This Week

Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP Diagnostics Agent - version 720, allows an attacker with deep knowledge of the system to execute scripts. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

SAP Authentication Bypass Diagnostics Agent
NVD
CVSS 3.1
8.1
EPSS
14.2%
CVE-2023-28304 HIGH PATCH This Week

Microsoft ODBC and OLE DB Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Odbc Ole Db
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-28296 HIGH PATCH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio 2017 Visual Studio 2019 Visual Studio 2022
NVD
CVSS 3.1
7.8
EPSS
0.7%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy